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CLAIMS 

What is claimed is: 

1. A method for preventing unauthorized dynamic host 
configuration servers from responding to client 
configuration requests in an Internet Protocol (IP) 
network, said method comprising the steps of: 

simulating a plurality of network clients within a 
server checker client; 

detecting at least one unauthorized dynamic host 
configuration server within said IP network; and 

delivering configuration requests from said server 
checker client to said at least one unauthorized dynamic 
configuration server such that said at least one 
unauthorized dynamic host configuration server is unable 
to respond to configuration requests from actual network 
clients . 

2. The method of claim 1, further comprising the step 
of reserving multiple IP addresses in each of said at 
least one unauthorized dynamic host configuration server. 

3. The method of claim 2, wherein said step of 
reserving multiple IP addresses in each of said at least 
one unauthorized dynamic host configuration server 
further comprises the step of delivering a plurality of 
different IP address requests to each of said at least 
one unauthorized dynamic host configuration server. 
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4. The method of claim 3, further comprising the step 
of flooding each of said at least one unauthorized 
dynamic host configuration server with a plurality of IP 
address renewal requests. 

5. The method of claim 4, wherein the step of flooding 
each of said at least one unauthorized dynamic host 
configuration server with a plurality of IP address 
renewal requests comprises the steps of: 

simulating a plurality of clients requesting renewal 
of their IP address; and 

delivering a plurality of different IP address 
renewal requests from said simulated plurality of clients 
to each of said at least one unauthorized dynamic host 
configuration server . 

6. The method of claim 5, wherein each IP address 
request includes : 

an unknown client medium access control (MAC) 
address; and 

an IP address of said server checker client. 

7. The method of claim 4, wherein each IP address 
renewal request includes an unknown client IP address. 

8. The method of claim 1, wherein said step of 
detecting an unauthorized dynamic host configuration 
server further comprises the steps of: 
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4 delivering an IP address request from said simulated 

5 network clients by: 

6 broadcasting a request for an IP address to dynamic 

7 host configuration servers over said IP network; 



8 receiving one or more responses from one or more of 

9 said dynamic host configuration servers; 



10 identifying a specific dynamic host configuration 

11 server that originated each of said responses; and 

O 

4b determining for each identified dynamic host 

01 

ygj configuration server whether or not said identified 

fiA dynamic host configuration server is authorized referring 

y I 

1^5 to a table, wherein said table includes a list of 
authorized dynamic host configuration servers. 

£ 

t . 
pi 

S^i 9. The method of claim 8, wherein said step of 

|Jl2 identifying a specific dynamic host configuration server 

3 that originated a response further comprises the step of 

4 retrieving from each response an IP address of the 

5 dynamic host configuration server that originated the 

6 response. 



1 10. The method of claim 8, wherein said table includes 

2 an IP address for each authorized dynamic host 

3 configuration server. 

1 11. The method of claim 8, wherein each response 

2 comprises a proposed IP address, and wherein said step of 

3 determining for each identified dynamic host 
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configuration server whether or not said identified 
dynamic host configuration server is authorized referring 
to a table, further comprises the step of releasing a 
proposed IP address to each identified dynamic host 
configuration server . 

12. The method of claim 11, wherein said releasing step 
further comprises the step of broadcasting a release 
message containing an IP address of an unknown dynamic 
host configuration server to each of said identified 
dynamic host configuration servers. 

13. The method of claim 1, wherein said detecting step 
is executed at predefined time intervals. 




14. A system for preventing unauthorized dynamic host 
configuration servers from responding to client 
configuration requests in an Internet Protocol (IP) 
network, said system comprising: 

processing means for simulating a plurality of 
network clients within a server checker client; 

processing means for detecting at least one 
unauthorized dynamic host configuration server within 
said IP network; and 

processing means for delivering configuration 
requests from said server checker client to said at least 
one unauthorized dynamic configuration server such that 
said at least one unauthorized dynamic host configuration 
server is unable to respond to configuration requests 
from actual network clients. 

15. The system of claim 14, further comprising 
processing means for reserving multiple IP addresses in 
each of said at least one unauthorized dynamic host 
configuration server . 

16. The system of claim 15, wherein said processing 
means for reserving multiple IP addresses in each of said 
at least one unauthorized dynamic host configuration 
server further comprises processing means for delivering 
a plurality of different IP address requests to each of 
said at least one unauthorized dynamic host configuration 
server . 
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17. The system of claim 16, further comprising 
processing means for flooding each of said at least one 
unauthorized dynamic host configuration server with a 
plurality of IP address renewal requests. 

18. The system of claim 11, wherein said processing 
means for flooding each of said at least one unauthorized 
dynamic host configuration server with a plurality of IP 
address renewal requests comprises: 

processing means for simulating a plurality of 
clients requesting renewal of their IP address; and 

processing means for delivering a plurality of 
different IP address renewal requests from said simulated 
plurality of clients to each of said at least one 
unauthorized dynamic host configuration server. 

19. The system of claim 18, wherein each IP address 
request includes: 

an unknown client medium access control (MAC) 
address ; and 

an IP address of said server checker client. 

20. The system of claim 17, wherein each IP address 
renewal request includes an unknown client IP address. 

21. The system of claim 14, wherein said processing 
means for detecting an unauthorized dynamic host 
configuration server further comprises: 
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processing means for delivering an IP address 
request from said simulated network clients by: 

processing means for broadcasting a request for an 

IP address to dynamic host configuration servers over 

said IP networks- 
processing means for receiving one or more responses 

from one or more of said dynamic host configuration 

servers ; 

processing means for identifying a specific dynamic 
host configuration server that originated each of said 
responses; and 

processing means for determining for each identified 
dynamic host configuration server whether or not said 
identified dynamic host configuration server is 
authorized referring to a table, wherein said table 
includes a list of authorized dynamic host configuration 
servers . 

22. The system of claim 21, wherein said processing 
means for identifying a specific dynamic host 
configuration server that originated a response further 
comprises processing means for retrieving from each 
response an IP address of the dynamic host configuration 
server that originated the response . 

23, The system of claim 21, wherein said table includes 
an IP address for each authorized dynamic host 
configuration server . 
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24. The system of claim 21, wherein each response 
comprises a proposed IP address, and wherein said 
processing means for determining for each identified 
dynamic host configuration server whether or not said 
identified dynamic host configuration server is 
authorized referring to a table, further comprises 
processing means for releasing a proposed IP address to 
each identified dynamic host configuration server. 

25. The system of claim 24, wherein said processing 
means for releasing a proposed IP address to each 
identified dynamic host configuration server further 
comprises processing means for broadcasting a release 
message containing an IP address of an unknown dynamic 
host configuration server to each of said identified 
dynamic host configuration servers, 

26. The system of claim 14, wherein said processing 
means for detecting at least one unauthorized dynamic 
host configuration server is activated at predefined time 
intervals . 
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1 2 7. A program product for preventing unauthorized 

2 dynamic host configuration servers from responding to 

3 client configuration requests in an Internet Protocol 

4 (IP) network, said program product comprising: 

5 instruction means for simulating a plurality of 

6 network clients within a server checker client; 

7 instruction means for detecting at least one 

8 unauthorized dynamic host configuration server within 

9 said IP network; and 

% instruction means for delivering configuration 

m 

requests from said server checker client to said at least 

'^2 one unauthorized dynamic configuration server such that 

Mr3 said at least one unauthorized dynamic host configuration 

server is unable to respond to configuration requests 

s 

M;5 from actual network clients. 

O 

«i : 

z J_J 

Uli 28. The program product of claim 27, further comprising 

^2 instruction means for reserving multiple IP addresses m 

3 each of said at least one unauthorized dynamic host 

4 configuration server. 

1 29. The program product of claim 28, wherein said 

2 instruction means for reserving multiple IP addresses in 

3 each of said at least one unauthorized dynamic host 

4 configuration server further comprises instruction means 

5 for delivering a plurality of different IP address 

6 requests to each of said at least one unauthorized 

7 dynamic host configuration server. 
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30. The program product of claim 29, further comprising 
instruction means for flooding each of said at least one 
unauthorized dynamic host configuration server with a 
plurality of IP address renewal requests. 

31. The program product of claim 30, wherein said 
instruction means for flooding each of said at least one 
unauthorized dynamic host configuration server with a 
plurality of IP address renewal requests comprises: 

instruction means for simulating a plurality of 
clients requesting renewal of their IP address; and 

instruction means for delivering a plurality of 
different IP address renewal requests from said simulated 
plurality of clients to each of said at least one 
unauthorized dynamic host configuration server. 

32. The program product of claim 31, wherein each IP 
address request includes: 

an unknown client medium access control (MAC) 
address; and 

an IP address of said server checker client. 

33. The program product of claim 30, wherein each IP 
address renewal request includes an unknown client IP 
address . 

34. The program product of claim 27, wherein said 
instruction means for detecting an unauthorized dynamic 
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host configuration server further comprises: 

instruction means for delivering an IP address 
request from said simulated network clients by: 

instruction means for broadcasting a request for an 
IP address to dynamic host configuration servers over 
said IP network; 

instruction means for receiving one or more 
responses from one or more of said dynamic host 
configuration servers; 

instruction means for identifying a specific dynamic 
host configuration server that originated each of said 
responses; and 

instruction means for determining for each 
identified dynamic host configuration server whether or 
not said identified dynamic host configuration server is 
authorized referring to a table, wherein said table 
includes a list of authorized dynamic host configuration 
servers . 

35. The program product of claim 34, wherein said 
instruction means for identifying a specific dynamic host 
configuration server that originated a response further 
comprises instruction means for retrieving from each 
response an IP address of the dynamic host configuration 
server that originated the response . 
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36. The program product of claim 34, wherein said table 
includes an IP address for each authorized dynamic host 
configuration server . 

37. The program product of claim 34, wherein each 
response comprises a proposed IP address, and wherein 
said instruction means for determining for each 
identified dynamic host configuration server whether or 
not said identified dynamic host configuration server is 
authorized referring to a table, further comprises 
instruction means for releasing a proposed IP address to 
each identified dynamic host configuration server. 

38. The program product of claim 37, wherein said 
instruction means for releasing a proposed IP address to 
each identified dynamic host configuration server further 
comprises instruction means for broadcasting a release 
message containing an IP address of an unknown dynamic 
host configuration server to each of said identified 
dynamic host configuration servers. 

39. The program product of claim 27, wherein said 
instruction means for detecting at least one unauthorized 
dynamic host configuration server is activated at 
predefined time intervals. 



